Researchers at Bitdefender found serious vulnerabilities in solar power systems that could have allowed hackers to cause major disruptions. These flaws exist in platforms from Solarman and Deye, which manage millions of solar installations worldwide. Hackers could exploit these vulnerabilities to manipulate inverters, disrupt power generation, and trigger blackouts. The vulnerabilities also exposed sensitive user data, including personal and location information. Bitdefender reported these issues in May, and the companies responded by deploying patches during the summer.
This discovery highlights the increasing cybersecurity challenges in the energy sector. As solar power systems integrate more with the grid, they create new attack surfaces that require strong security measures. The incident emphasizes the need for robust cybersecurity practices to protect solar energy systems and other IoT setups from compromising critical infrastructure.